Channels

Services

Mud-slinging in the Warez scene

In his blog, a hacker who goes by the pseudonym "PöserHäcker" claims he gained access to the data of 770,000 registered users of the myGully.com Warez forum. To prove his claim, the unknown hacker provided The H's associates at heise Security with a 100-MByte database extract. The file contains almost 200,000 private messages, some of which have already been verified as authentic by members of the forum.

The unknown hacker has threatened to publish the stolen data, including IP and email addresses within six weeks. Users who have shared copyrighted material through the forum were given the option of "buying themselves out" by removing their uploads from the forum and sending a confirmation message to the hacker. Among other things, the hacker accused the myGully.com operators of storing IP addresses and of censoring the forum. He called on the admins to resign – threatening to publish their private data if they don't.

A short time later, blogger "RabeundFuchs" claimed that the campaign by "PöserHäcker" was instigated by rival forum boerse.bz and threatened to retaliate, saying that he intended to publish a database excerpt of the boerse.bz forum, which has more than 700,000 registered members. The blogger has already published private data he claims belong to the operators of boerse.bz. This includes emails linking the boerze.bz operators to the share.cx file hosting service. The blogger also claims to possess about 100 Mbytes of data from share.cx, including users' IP addresses. A report from the statistics of a partner program reveals payments amounting to more than €175,000 for this operator.

In another post added shortly afterwards, PöserHäcker said that he has now reported the security hole he found to myGully.com, and that he will refrain from publishing any further data. Whether this was a response to the threats or a reply forged by the intruder has not been established.